package com.ibm.ws.security.config;

import com.ibm.ISecurityUtilityImpl.AuthenticationTarget;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.models.config.orb.securityprotocol.SecurityprotocolPackage;

/* loaded from: input_file:com.ibm.ws.admin.client_7.0.0.jar:com/ibm/ws/security/config/CSIv2LayerConfig.class */
public class CSIv2LayerConfig extends GenericConfigHelperImpl {
    public static final String SUPPORTED_AUTH_MECH_LIST = "supportedAuthMechList";
    public static final String AUTHENTICATION_LAYER_RETRY_COUNT = "authenticationLayerRetryCount";
    public static final String AUTHENTICATION_LAYER_RETRY_ENABLED = "authenticationRetryEnabled";
    public static final String TYPE_IDENTITY_ASSERTION_LAYER = "IdentityAssertionLayer";
    public static final String TYPE_MESSAGE_LAYER = "MessageLayer";
    public static final String TPYE_TRANSPORT_LAYER = "TransportLayer";
    private static final String SERVER_AUTHENTICATION = "serverAuthentication";
    private static final String SSL_CONFIG = "sslConfig";
    private static final String SUPPORTED_QOP = "supportedQOP";
    private static final String REQUIRED_QOP = "requiredQOP";
    private static TraceComponent tc = Tr.register(CSIv2LayerConfig.class, "SecurityConfig", "com.ibm.ejs.resources.security");
    private CSIv2QOPConfig requiredQOP = null;
    private CSIv2QOPConfig supportedQOP = null;
    private String type = null;

    public CSIv2LayerConfig(SecurityConfigObject securityConfigObject, GenericConfigHelperImpl genericConfigHelperImpl, String str) {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "ctor " + str, new Object[]{securityConfigObject, genericConfigHelperImpl});
        }
        super.initialize(securityConfigObject, genericConfigHelperImpl, str);
        initialize_defaults();
        initialization();
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "ctor" + this.cacheKey, this);
        }
    }

    private void initialize_defaults() {
        this.defaults.put(SUPPORTED_AUTH_MECH_LIST, "ltpa|basicAuth|custom");
        this.defaults.put(AUTHENTICATION_LAYER_RETRY_COUNT, 3);
        this.defaults.put(AUTHENTICATION_LAYER_RETRY_ENABLED, Boolean.FALSE);
    }

    private void initialization() {
        if (isSet(SUPPORTED_AUTH_MECH_LIST)) {
            String string = getString(SUPPORTED_AUTH_MECH_LIST);
            if (string.length() == 0) {
                throw new IllegalStateException("Invalid empty string for supportedAuthMechList");
            }
            for (String str : string.split("\\|")) {
                String lowerCase = str.toLowerCase();
                if (!lowerCase.equalsIgnoreCase(AuthenticationTarget.KRB5String) && !lowerCase.equalsIgnoreCase(AuthenticationTarget.LTPAString) && !lowerCase.equalsIgnoreCase(AuthenticationTarget.RSATokenString) && !lowerCase.equalsIgnoreCase(AuthenticationTarget.BasicAuthString) && !lowerCase.equalsIgnoreCase("custom")) {
                    throw new IllegalStateException("A value defined in supportedAuthMechList is invalid. The value is:" + lowerCase);
                }
            }
        }
        if (getInteger(AUTHENTICATION_LAYER_RETRY_COUNT) > 0) {
            setBoolean(AUTHENTICATION_LAYER_RETRY_ENABLED, Boolean.TRUE);
        } else {
            setBoolean(AUTHENTICATION_LAYER_RETRY_ENABLED, Boolean.FALSE);
        }
    }

    public String getType() {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "getType" + this.cacheKey);
        }
        if (this.type == null) {
            if (this.sco.instanceOf(SecurityprotocolPackage.eNS_URI, "IdentityAssertionLayer")) {
                this.type = "IdentityAssertionLayer";
            } else if (this.sco.instanceOf(SecurityprotocolPackage.eNS_URI, "MessageLayer")) {
                this.type = "MessageLayer";
            } else if (this.sco.instanceOf(SecurityprotocolPackage.eNS_URI, "TransportLayer")) {
                this.type = "TransportLayer";
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Unknown CSIv2 Layer type");
            }
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getType" + this.cacheKey, this.type);
        }
        return this.type;
    }

    private synchronized void do_getSupportedQOP() {
        SecurityConfigObject object;
        if (this.supportedQOP != null || (object = this.sco.getObject("supportedQOP", false)) == null) {
            return;
        }
        this.supportedQOP = new CSIv2QOPConfig(object, this, this.cacheKey);
    }

    public CSIv2QOPConfig getSupportedQOP() {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "getSupportedQOP" + this.cacheKey);
        }
        if (this.supportedQOP == null) {
            do_getSupportedQOP();
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getSupportedQOP" + this.cacheKey, this.supportedQOP);
        }
        return this.supportedQOP;
    }

    private synchronized void do_getRequiredQOP() {
        SecurityConfigObject object;
        if (this.requiredQOP != null || (object = this.sco.getObject("requiredQOP", false)) == null) {
            return;
        }
        this.requiredQOP = new CSIv2QOPConfig(object, this, this.cacheKey);
    }

    public CSIv2QOPConfig getRequiredQOP() {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "getRequiredQOP" + this.cacheKey);
        }
        if (this.requiredQOP == null) {
            do_getRequiredQOP();
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getRequiredQOP" + this.cacheKey, this.requiredQOP);
        }
        return this.requiredQOP;
    }

    public String getTrustedServers() {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "getTrustedServers" + this.cacheKey);
        }
        StringBuffer stringBuffer = new StringBuffer("");
        SecurityConfigObjectList objectList = this.sco.getObjectList("trustedServers");
        for (int i = 0; i < objectList.size(); i++) {
            String string = objectList.get(i).getString(UserRegistryConfig.SERVER_ID);
            if (i == 0) {
                stringBuffer.append(string);
            } else {
                stringBuffer.append(",");
                stringBuffer.append(string);
            }
        }
        String stringBuffer2 = stringBuffer.toString();
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getTrustedServers" + this.cacheKey, stringBuffer2);
        }
        return stringBuffer2;
    }

    public String getServerAuthentication() {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "getServerAuthentication" + this.cacheKey);
        }
        String string = scm.getString(this.sco, SERVER_AUTHENTICATION, "sslConfig", null, false, true);
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getServerAuthentication" + this.cacheKey, string);
        }
        return string;
    }
}
